July 21, 2017 by

Microsoft is Turning the Tables on Russian Hackers with Lawyers

Microsoft is beginning countermeasures against the alleged state-sponsored Russian hacking group known as Fancy Bear.

Linked with Russia’s covert military intelligence agency, Fancy Bear is commonly known for allegedly being the perpetrator of last year’s Democratic National Convention hack. According to the Daily Beast, the hacker group was sued in a federal court outside Washington DC by attorneys for software and technology giant Microsoft. The hacker group has been accused of computer intrusion, cybersquatting and infringing on Microsoft’s trademarks.

The lawsuit, the report explains, isn’t meant to get the hackers into court. Instead, Microsoft is using the action to target the command-and-control servers belonging to the Russian hackers. Microsoft sees this as “the most vulnerable point” in Fancy Bear’s espionage operations.

Indeed, Microsoft has already used the lawsuit to take control of 70 unique command-and-control points away from Fancy Bear. Rather than taking physical custody of the servers rented by Fancy Bear in data centers around the world, Microsoft has been busy accumulating the Internet domains that route the traffic to them. Addresses like “livemicrosoft[.]net”, which Fancy Bear controls for a mere $10, are now being redirected from Fancy Bear’s servers to Microsoft’s infrastructure. This gives Microsoft a direct, transparent line of sight into those servers’ network of malicious actors.

“In other words,” Microsoft outside counsel Sten Jenson said in a court filing last year, “any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server.”

Further, the report adds that Microsoft hasn’t explicitly mentioned Russia or Fancy Bear in its lawsuit, instead describing the hacker group as a “sophisticated and well-resourced organization.”

It remains to be seen how much longer Microsoft will continue to disrupt the malicious hacking group’s operations before the latter changes tack.

About the author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.
